<?

class BandNewsList extends db {
	
	function get_total() {
		$q = 'select count(ID) as total from Band_News';
		$r = mysql_query($q);
		if ($r) {
			$row = mysql_fetch_assoc($r);
			return $row['total'];
		} else {
			return Error::MySQL();
		}
	}
	
	function get_band_news() {
		$args_list = func_get_args();
		$number_to_get = (int) $args_list[0];
		$start_number = (int) $args_list[1];
		$is_active = $args_list[2];
		
		$query = "select ID from Band_News ";
		if (isset($is_active)) {
			$query .= "where is_active = {$is_active}";
		}
		$query .= " order by date_time desc ";
		
		if ($number_to_get && $start_number) {
			$query .= "limit $start_number, $number_to_get";
		} else if ($number_to_get) {
			$query .= "limit 0, $number_to_get";
		} else if ($start_number) {
			$query .= "limit $start_number, 10";
		} else {
			$query .= "limit 0, 10";
		}
		
		$r = mysql_query($query);
		if ($r) {
			$news = array();
			while ($row = mysql_fetch_assoc($r)) {
				$news[] = BandNews::get($row['ID']);
			}
			return $news;
		} else {
			return Error::MySQL();
		}
	}
	
	function get_total_search($q) {
		$is_active = $args_list[1];
		$query = 'select ID from Band_News';
		if (isset($is_active)) {
			$query .= "where is_active = {$is_active}";
			$qw = true;
		}
		$query .= ($qw) ? " and " : " where " ;
		$query .= "(title like '%{$q}%' or description like '%{$q}%' or body like '%{$q}%') ";
		$r = mysql_query($query);
		if ($r) {
			return mysql_num_rows($r);
		} else {
			return 0;
		}
	}
	
	function get_band_news_search($q) {
		$args_list = func_get_args();
		$number_to_get = (int) $args_list[1];
		$start_number = (int) $args_list[2];
		$is_active = $args_list[3];
		$qw = false;
		$query = "select ID from Band_News ";
		if (isset($is_active)) {
			$query .= "where is_active = {$is_active}";
			$qw = true;
		}
		$query .= ($qw) ? " and " : " where " ;
		$query .= "(title like '%{$q}%' or description like '%{$q}%' or body like '%{$q}%') ";
		$query .= " order by date_time desc ";
		
		if ($number_to_get && $start_number) {
			$query .= "limit $start_number, $number_to_get";
		} else if ($number_to_get) {
			$query .= "limit 0, $number_to_get";
		} else if ($start_number) {
			$query .= "limit $start_number, 10";
		} else {
			$query .= "limit 0, 10";
		}
		$r = mysql_query($query);
		if ($r) {
			$news = array();
			while ($row = mysql_fetch_assoc($r)) {
				$news[] = BandNews::get($row['ID']);
			}
			return $news;
		} else {
			return Error::MySQL();
		}
	}
	
}

class BandNews extends db {
	
	var $ID, $title, $user_id, $date_time, $description, $body, $is_active;
	
	function getID() {return $this->ID;}
	function getTitle() {return $this->title;}
	function getUserID() {return $this->user_id;}
	function getUserObject() {
		$uo = User::get($this->user_id);
		return $uo;
	}
	function getDateTime($dateMask = null) {
		$dateMask = (!$dateMask) ? DATETIME_FORMAT : $dateMask;
		return date($dateMask, strtotime($this->date_time));
	}
	function getDate() {
		return $this->getDateTime(DATE_FORMAT);
	}
	function getTime() {
		return $this->getDateTime(TIME_FORMAT);
	}	
	function getDescription() {return $this->description;}
	function getBody() {return $this->body;}
	function getBodyWordCount() {
		$body = explode(" ", strip_tags($this->body));
		$wc = count($body);
		return $wc - 1;
	}
	function isActive() {return $this->is_active;}
	
	function get($newsID) {
		if ($newsID > 0 && is_numeric($newsID))  {
			$q = "select * from Band_News where ID = " . $newsID;
			$r = mysql_query($q);
			$row = mysql_fetch_assoc($r);
			if ($row['ID']) {
				$no = new BandNews;
				$no->ID = $row['ID'];
				$no->title = db::sanitize_from_db($row['title']);
				$no->user_id = $row['user_id'];
				$no->date_time = $row['date_time'];
				$no->description = db::sanitize_from_db($row['description']);
				$no->body = db::sanitize_from_db($row['body']);
				$no->is_active = $row['is_active'];
					
				return $no;
			}
		}
		
		return Error::create("Invalid News Posting ID.");
	}
	
	function add($postArray) {
		include_class('text');
		$db = new db;
		$title = $db->sanitize_to_db($postArray['title']);
		
		if (User::isAdmin()) {
			$uo = User::get($postArray['user_id']);
			if (db::isError($uo)) {
				$e->add($uo);
			} else if (!$uo->isAdmin() && $uo->isBandMember()) {
				$e->add("Invalid user. User must be a band member or an administrator.");
			}
		} else {
			$uo = User::getCurrent();
		}
		
		$user_id = $uo->getID();
		
		$_dt = strtotime($postArray['date']);
		$dt = date('Y-m-d', $_dt) . ' ' . $postArray['time'];
		$dateTime = date("Y-m-d H:i:s", strtotime($dt));		
		
		
		if (!Text::isRTELoaded('description')) {
			$postArray['description'] = nl2br($postArray['description']);
		}
		
		if (!Text::isRTELoaded('body')) {
			$postArray['body'] = nl2br($postArray['body']);
		}
		
		$description = $db->sanitize_to_db($postArray['description']);
		$body = $db->sanitize_to_db($postArray['body']);
				
		if (!$title) {
			$title = '(untitled)';
		}
		
		$r = @mysql_query("insert into Band_News (title, user_id, date_time, description, body, is_active) values ('$title','$user_id','$dateTime','$description','$body'," . DEFAULT_ACTIVE . ")");	
		if ($r) {
			return BandNews::get(mysql_insert_id());
		} else {
			return Error::MySQL();
		}
	}
	
	function canEdit() {
		$uo = User::getCurrent();		
		if (is_object($uo)) {
			return ($uo->getID() == $this->getUserID() || $uo->isAdmin());
		}
	}
	
	function canAdd() {
		$uo = User::getCurrent();		
		if (is_object($uo)) {
			return ($uo->isBandMember() || $uo->isAdmin());
		}
	}	
	
	function update($postArray) {
		
		$db = new db;
		$title = $db->sanitize_to_db($postArray['title']);		
		$uo = User::getCurrent();
		include_class('band_members');		
		
		if (User::isAdmin()) {
			$uo = User::get($postArray['user_id']);
			if (db::isError($uo)) {
				$e->add($uo);
			} else if (!$uo->isAdmin() && $uo->isBandMember() ) {
				$e->add("Invalid user. User must be a band member or an administrator.");
			}
		} else {
			$uo = User::getCurrent();
		}
		
		$user_id = $uo->getID();
		
		$_dt = strtotime($postArray['date']);
		$dt = date('Y-m-d', $_dt) . ' ' . $postArray['time'];
		$dateTime = date("Y-m-d H:i:s", strtotime($dt));		
		$description = $db->sanitize_to_db($postArray['description']);
		$body = $db->sanitize_to_db($postArray['body']);
				
		if (!$title) {
			$title = '(untitled)';
		}
		
		if (!$this->canEdit()) {
			return Error::create("You may not edit this news posting.");
		}
		
		$r = @mysql_query("update Band_News set title='$title', user_id = {$user_id}, date_time='$dateTime', description='$description', body='$body' where ID = " . $this->ID);
		if ($r) {
			return BandNews::get($this->ID);
		} else {
			return Error::MySQL();
		}
	}
	
	function activate() {
		if ($this->canEdit()) {
			$r = @mysql_query("update Band_News set is_active = 1 where ID = " . $this->ID);
			if (!$r) {
				return Error::MySQL();
			}
		} else {
			return Error::create('You may not activate a post that is not yours.');
		}
	}
	
	function deactivate() {
		if ($this->canEdit()) {
			$r = @mysql_query("update Band_News set is_active = 0 where ID = " . $this->ID);
			if (!$r) {
				return Error::MySQL();
			}
		} else {
			return Error::create('You may not deactivate a post that is not yours.');
		}
	}
	
	function remove() {
		if ($this->canEdit()) {
			$r = @mysql_query("delete from Band_News where ID = " . $this->ID);
			if (!$r) {
				return Error::MySQL();
			}
		} else {
			return Error::create('You may not remove a post that is not yours.');
		}
	}	
}

?>
